Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/07ae9e-3d04-45b6-9db0-46935fcc855e/1/iODWic5-YcLwrz4bnRXeNCRoZqI.roa
File: iODWic5-YcLwrz4bnRXeNCRoZqI.roa (raw, json)
Hash identifier: wkViS2vEwlFEP1BM/kE2/iaf/N93t0cqfPCmdcii6IE=
Subject key identifier: 88:E0:D6:89:CE:7E:61:C2:F0:AF:3E:1B:9D:15:DE:34:24:68:66:A2
Certificate issuer: /CN=96f71b2273ab34ed4a5481176ef70fad867ef166
Certificate serial: 017F70B0
Authority key identifier: 96:F7:1B:22:73:AB:34:ED:4A:54:81:17:6E:F7:0F:AD:86:7E:F1:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lvcbInOrNO1KVIEXbvcPrYZ-8WY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/07ae9e-3d04-45b6-9db0-46935fcc855e/1/iODWic5-YcLwrz4bnRXeNCRoZqI.roa
Signing time: Sat 01 Jan 2022 11:54:24 +0000
ROA not before: Sat 01 Jan 2022 11:54:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59885
IP address blocks: 185.152.111.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25129136 (0x17f70b0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96f71b2273ab34ed4a5481176ef70fad867ef166
Validity
Not Before: Jan 1 11:54:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=88e0d689ce7e61c2f0af3e1b9d15de34246866a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:13:a0:34:ec:30:36:f0:5f:86:39:23:f8:06:
f0:27:c3:d0:73:ed:0d:4c:ac:75:c1:07:44:f1:28:
35:69:7e:e0:44:39:66:f8:41:44:97:6f:69:c3:cb:
cc:5e:53:47:da:55:37:70:82:d0:19:05:fb:27:d5:
6d:88:31:e7:dc:4e:2f:bb:1e:01:32:f9:7a:70:a9:
c9:4f:0d:74:fb:e8:11:df:66:07:ee:06:05:b2:26:
f3:1c:91:3f:6d:66:6d:3f:92:e6:44:24:d0:e5:b0:
eb:ad:30:7d:23:4a:7f:e3:13:25:bf:d2:8e:25:e7:
39:bf:fd:e2:68:57:1e:4a:7f:f4:43:f1:9e:31:e7:
0d:6d:25:9c:81:4a:0a:16:74:3b:6e:fa:53:64:4f:
a4:a6:06:4e:1a:96:83:f0:5f:25:61:bd:46:13:e1:
85:67:c4:2f:15:73:de:2a:23:c5:81:1a:cb:d5:bd:
ce:f7:4b:7d:5c:bd:0c:8b:78:77:c3:59:c4:9b:96:
92:51:7a:9a:8c:93:cc:81:24:83:a4:76:a9:1a:f8:
bf:4e:ba:6f:a8:a9:67:be:c2:2f:f1:e5:9c:29:71:
16:6f:85:ed:ff:46:fc:a3:e7:06:75:d1:b5:fa:32:
eb:c2:b6:fc:98:80:b6:7d:f2:2b:8b:c2:e2:c4:e8:
70:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:E0:D6:89:CE:7E:61:C2:F0:AF:3E:1B:9D:15:DE:34:24:68:66:A2
X509v3 Authority Key Identifier:
keyid:96:F7:1B:22:73:AB:34:ED:4A:54:81:17:6E:F7:0F:AD:86:7E:F1:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lvcbInOrNO1KVIEXbvcPrYZ-8WY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/07ae9e-3d04-45b6-9db0-46935fcc855e/1/iODWic5-YcLwrz4bnRXeNCRoZqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/07ae9e-3d04-45b6-9db0-46935fcc855e/1/lvcbInOrNO1KVIEXbvcPrYZ-8WY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.152.111.0/24
Signature Algorithm: sha256WithRSAEncryption
87:1e:26:d9:8f:69:e9:d9:39:6f:8c:49:7f:72:12:4a:eb:f8:
c0:89:b8:06:68:52:63:dc:dc:e3:b4:3b:aa:1c:a8:13:f7:3d:
f4:74:d0:db:77:75:bc:33:bf:ba:8b:22:18:01:ee:12:6d:e9:
3e:36:f2:5b:e3:21:78:34:a7:7b:c3:a7:da:17:34:f4:a4:22:
e4:12:ce:11:e2:c4:da:e2:b4:a4:7e:5f:cd:b0:90:9b:f2:d3:
0e:95:05:bc:f8:94:6b:12:91:76:c8:e0:b3:1e:89:07:9f:c7:
32:3d:a9:d3:b3:75:a4:59:dd:fc:37:56:49:03:fa:e0:e3:bf:
59:0d:a3:e5:0a:08:c8:e3:cd:10:3b:95:ab:9e:80:a3:0a:52:
38:4a:ab:85:ce:7a:88:59:cc:39:d7:72:83:a3:ff:c8:b1:d4:
a1:fc:48:8b:9c:88:c0:d4:8f:69:68:af:71:b3:d0:42:0d:e7:
3e:95:ce:07:dd:aa:a6:e1:15:c8:36:62:66:f3:b0:21:56:83:
77:f1:7c:1c:34:69:d0:f7:8a:04:6f:58:f4:a3:27:0f:5d:4f:
1b:4b:49:a5:e5:64:e9:90:c7:48:67:be:d8:e9:46:2e:70:03:
5f:e2:08:ad:49:ff:4b:f6:dc:07:5f:1a:ce:5c:80:c2:3f:75:
ff:60:7c:9a
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAX9wsDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NmY3MWIyMjczYWIzNGVkNGE1NDgxMTc2ZWY3MGZhZDg2N2VmMTY2MB4XDTIyMDEw
MTExNTQyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODhlMGQ2ODljZTdl
NjFjMmYwYWYzZTFiOWQxNWRlMzQyNDY4NjZhMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMgToDTsMDbwX4Y5I/gG8CfD0HPtDUysdcEHRPEoNWl+4EQ5
ZvhBRJdvacPLzF5TR9pVN3CC0BkF+yfVbYgx59xOL7seATL5enCpyU8NdPvoEd9m
B+4GBbIm8xyRP21mbT+S5kQk0OWw660wfSNKf+MTJb/SjiXnOb/94mhXHkp/9EPx
njHnDW0lnIFKChZ0O276U2RPpKYGThqWg/BfJWG9RhPhhWfELxVz3iojxYEay9W9
zvdLfVy9DIt4d8NZxJuWklF6moyTzIEkg6R2qRr4v066b6ipZ77CL/HlnClxFm+F
7f9G/KPnBnXRtfoy68K2/JiAtn3yK4vC4sTocFUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSI4NaJzn5hwvCvPhudFd40JGhmojAfBgNVHSMEGDAWgBSW9xsic6s07UpU
gRdu9w+thn7xZjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2x2Y2JJbk9yTk8xS1ZJRVhidmNQcllaLThXWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGEvMDdhZTllLTNkMDQtNDViNi05ZGIwLTQ2OTM1ZmNjODU1ZS8x
L2lPRFdpYzUtWWNMd3J6NGJuUlhlTkNSb1pxSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGEv
MDdhZTllLTNkMDQtNDViNi05ZGIwLTQ2OTM1ZmNjODU1ZS8xL2x2Y2JJbk9yTk8x
S1ZJRVhidmNQcllaLThXWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmYbzANBgkqhkiG9w0BAQsFAAOC
AQEAhx4m2Y9p6dk5b4xJf3ISSuv4wIm4BmhSY9zc47Q7qhyoE/c99HTQ23d1vDO/
uosiGAHuEm3pPjbyW+MheDSne8On2hc09KQi5BLOEeLE2uK0pH5fzbCQm/LTDpUF
vPiUaxKRdsjgsx6JB5/HMj2p07N1pFnd/DdWSQP64OO/WQ2j5QoIyOPNEDuVq56A
owpSOEqrhc56iFnMOddyg6P/yLHUofxIi5yIwNSPaWivcbPQQg3nPpXOB92qpuEV
yDZiZvOwIVaDd/F8HDRp0PeKBG9Y9KMnD11PG0tJpeVk6ZDHSGe+2OlGLnADX+II
rUn/S/bcB18azlyAwj91/2B8mg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:23 2024 by rpki-client on console-ams.rpki-client.org